This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/-ZxOHQoe4jxPlYsVCtXHIczS1IQ.roa File: -ZxOHQoe4jxPlYsVCtXHIczS1IQ.roa (raw, json) Hash identifier: 4BPRWx/Wu4r+JxAvUV/AN9iJq5FdOlCSfp1jZIN1uCY= Subject key identifier: F9:9C:4E:1D:0A:1E:E2:3C:4F:95:8B:15:0A:D5:C7:21:CC:D2:D4:84 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: E544 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/-ZxOHQoe4jxPlYsVCtXHIczS1IQ.roa Signing time: Mon 12 Jan 2026 05:27:13 +0000 ROA not before: Mon 12 Jan 2026 05:27:13 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 134762 IP address blocks: 43.226.72.0/22 maxlen: 22 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 58692 (0xe544) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Jan 12 05:27:13 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=F99C4E1D0A1EE23C4F958B150AD5C721CCD2D484 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:12:1c:50:06:a9:6b:0a:7e:ae:4f:4a:47:37: 16:9e:9e:1b:47:1a:dc:1d:a2:6d:8a:27:79:6e:a8: a2:3a:45:1e:d4:ed:d5:ce:80:91:48:c6:bc:5d:e2: 27:23:73:d0:77:87:cc:54:df:80:a1:d3:f0:8f:3b: 83:a7:ac:1d:b8:aa:82:60:35:b5:c5:ae:6f:f3:06: 41:e5:c2:c8:40:25:09:89:26:3b:ef:22:c1:8e:f1: 6c:54:bc:36:91:fe:b2:9b:ce:ff:54:80:d7:22:91: 8e:7d:ea:89:9b:c0:74:9f:83:b2:96:68:75:2e:ae: cf:c8:4c:e4:8d:9d:b6:30:5d:25:d2:17:a9:55:e3: 74:22:1f:df:20:e4:f5:f7:66:1d:e8:98:3e:c8:7c: 4c:b8:10:cc:84:7e:48:41:f8:a9:00:f6:05:11:46: c9:94:55:a1:71:5f:23:3e:93:b9:ca:35:a9:18:8e: 60:3f:b5:55:e1:ba:ad:36:5b:36:ab:56:b4:3d:c1: c8:6f:7d:db:31:1f:d9:aa:9b:eb:5e:85:53:09:01: a4:e1:94:20:dc:67:39:f9:d5:f9:ee:d4:b2:eb:e6: 64:1d:50:86:b8:ae:61:51:c3:d0:43:81:4d:e2:93: 9c:84:b1:e8:7f:51:7b:27:59:f4:c3:c9:b7:4b:c5: 09:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:9C:4E:1D:0A:1E:E2:3C:4F:95:8B:15:0A:D5:C7:21:CC:D2:D4:84 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/-ZxOHQoe4jxPlYsVCtXHIczS1IQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.72.0/22 Signature Algorithm: sha256WithRSAEncryption b7:bd:14:ba:38:44:99:0a:b8:c9:96:82:a7:b6:fc:08:77:c4: 18:4b:8b:50:2c:76:9b:33:02:45:9f:bd:83:4f:a0:cd:9d:1a: a3:72:a0:05:1b:1d:79:b7:69:e7:8a:d2:29:95:ac:aa:36:67: e9:b4:f6:77:b9:33:e2:74:94:8b:1c:cd:22:c0:72:cd:dc:29: 12:c8:7d:9b:b0:14:d3:4e:23:a5:3a:9c:11:ce:3d:3e:c8:52: c2:ec:28:a0:ad:f6:62:8f:51:6e:7b:fd:d6:ad:45:a6:3f:92: 20:cd:0b:6a:97:df:2b:1c:a5:44:f4:2a:51:4e:a8:62:a0:53: 09:c0:06:8e:a4:d2:6a:49:f5:10:17:07:cf:59:af:cd:25:9a: ce:89:83:ea:67:1f:37:38:bc:60:b3:bf:fc:28:ff:ad:27:5e: 5f:70:42:94:70:ff:85:a7:16:ef:55:96:67:f1:14:0c:a2:e3: 3a:b7:a3:b5:46:6c:66:b5:3c:ed:9b:af:f4:5a:12:e3:8e:c0: a2:c0:0b:0a:62:ac:d1:28:c2:9a:96:36:3c:6c:47:63:cd:13: ee:ae:23:01:16:b5:04:f7:6d:a6:3e:47:b7:2e:3d:3c:cd:e2: dd:ad:93:77:9e:3f:63:65:9d:17:14:97:8e:e4:39:b0:01:f2: c3:90:f5:84 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIDAOVEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjYwMTEy MDUyNzEzWhcNMjYxMDIzMDMwMTAzWjAzMTEwLwYDVQQDEyhGOTlDNEUxRDBBMUVF MjNDNEY5NThCMTUwQUQ1QzcyMUNDRDJENDg0MIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA8xIcUAapawp+rk9KRzcWnp4bRxrcHaJtiid5bqiiOkUe1O3V zoCRSMa8XeInI3PQd4fMVN+AodPwjzuDp6wduKqCYDW1xa5v8wZB5cLIQCUJiSY7 7yLBjvFsVLw2kf6ym87/VIDXIpGOfeqJm8B0n4Oylmh1Lq7PyEzkjZ22MF0l0hep VeN0Ih/fIOT192Yd6Jg+yHxMuBDMhH5IQfipAPYFEUbJlFWhcV8jPpO5yjWpGI5g P7VV4bqtNls2q1a0PcHIb33bMR/ZqpvrXoVTCQGk4ZQg3Gc5+dX57tSy6+ZkHVCG uK5hUcPQQ4FN4pOchLHof1F7J1n0w8m3S8UJ4QIDAQABo4IB8zCCAe8wHQYDVR0O BBYEFPmcTh0KHuI8T5WLFQrVxyHM0tSEMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2 NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzLy1aeE9IUW9lNGp4 UGxZc1ZDdFhISWN6UzFJUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAIr4kgwDQYJKoZIhvcNAQELBQADggEBALe9FLo4RJkKuMmWgqe2/Ah3xBhL i1AsdpszAkWfvYNPoM2dGqNyoAUbHXm3aeeK0imVrKo2Z+m09ne5M+J0lIsczSLA cs3cKRLIfZuwFNNOI6U6nBHOPT7IUsLsKKCt9mKPUW57/datRaY/kiDNC2qX3ysc pUT0KlFOqGKgUwnABo6k0mpJ9RAXB89Zr80lms6Jg+pnHzc4vGCzv/wo/60nXl9w QpRw/4WnFu9VlmfxFAyi4zq3o7VGbGa1PO2br/RaEuOOwKLACwpirNEowpqWNjxs R2PNE+6uIwEWtQT3baY+R7cuPTzN4t2tk3eeP2NlnRcUl47kObAB8sOQ9YQ= -----END CERTIFICATE-----Generated at Mon Jan 12 09:20:35 2026 by rpki-client